(Dieser Artikel ist auch in deutscher Sprache verfügbar)

A first draft law for the implementation of the data retention directive was presented at the end of April 2007 by the Romanian Ministry of Communications and Information Technology for public consultation. The ministry also organized on 26 April a public debate on the draft law.

The first draft was achieved in cooperation with a number of public bodies including the Ministry of Justice, Ministry of Internal Affairs or the Romanian Data Protection Authority.

The text proposing a 12-month period of traffic data retention, without any explanatory reports, has received criticism from ISPs and other telecom operators that believe it puts a high financial burden on them. The draft clearly specifies that the content of the communications cannot be retained by the operators, considering the retention of the content as well as any retained data transfer without a proper judicial authorization as crimes. The retained data should be deleted at the end of the 12 month period.

Only the electronic communication providers that have notified the Regulatory Authority are subject to data retention obligations and there are no provisions for the hosting or other online service providers.

The retained data can be accessed by prosecutors only in the penal cases related to organized crime and terrorism crimes and with a proper specific judged-approved access authorization. The prosecutor can ask, through a specific ordinance, for access to the data as a provisional measure, if this is necessary due to specific circumstances that could otherwise put in danger the penal investigation. But in this case, the prosecutor's decision together with the data needs to be confirmed by a judge in 48 hours. If a judge does not confirm the prosecutor's ordinance, all the accessed data will be destroyed.

The very detailed procedure regarding access by prosecutors to the retained data is in opposition with Article 16 of the draft text that allows, "in case of a threat to the national security", the request of the retained data by "the specific bodies, as explained in the laws on national security". The vagueness of this article was criticized in the public debate, the participants considering that this could leave room for discriminatory access by the Romanian secret services.

As regards the type of data retained, the Romanian draft is only a translation of the European Directive on data retention. The public consultation will end on 10 May 2007 and the text could be approved by the Government and then sent to the Parliament for consideration.

Draft law on data retention by public electronic communication providers (only in Romanian, 04.2007)
http://www.mcti.ro/index.php?id=16&lege=383

MCIT Publicly Debates the Retention of Data Generated or Processed in Connection with the Provision of Publicly available electronic communications services or of public communications networks (26.04.2007)
http://www.mcti.ro/index.php?id=28&lege=1257&L=1

EDRI - Member APTI - Romania - Opinion of the draft data retention law (only in Romanian, 9.05.2007)
http://www.apti.ro/opinie_APTI_Legedatetrafic_9052007.pdf